Data Traffic Reduction for Suspended Data Service

ABSTRACT

In one example, a mobile AP device receives from a mobile device a request to a server or device in an IP network. When cellular data service of the mobile AP device is available, the mobile AP device allows the request to be sent to a mobile network for communication to the server or device. When the cellular data service is suspended, the mobile AP device disallows the request from being sent to the mobile network to prohibit the communication to the server or device. For a request for content, the mobile AP device may additionally generate and send to the mobile device a response indicating a redirect to a local landing page of the mobile AP device. A control center or server may send one or more messages which instruct the mobile AP device to process the requests in accordance with one or more rules to disallow the requests.

TECHNICAL FIELD

The present disclosure generally relates to reducing data traffic incommunication systems, in networks, and for devices, and in particular,to reducing data traffic associated with mobile access point (AP)devices during data service suspension.

BACKGROUND

A communication system may include a mobile communication network, suchas a cellular telecommunications network, connected to an IPcommunication network, such as the Internet. The communication systemmay provide mobile communication devices, such as cellular telephonesand smartphones, with voice and data communication services. Wirelesslocal area networks (WLANs) may also provide wireless connections to theIP network for these mobile devices, as devices are often additionallyconfigured for communications in accordance with IEEE 802.11. Internetof Things (IoT) devices are becoming more commonplace in these types ofenvironments.

BRIEF DESCRIPTION OF THE DRAWINGS

So that the present disclosure can be understood by those of ordinaryskill in the art, a more detailed description may be had by reference toaspects of some illustrative implementations, some of which are shown inthe accompanying drawings.

FIG. 1 is a diagram of a communication system which illustrates one typeof environment within which techniques of the present disclosure may beemployed, the communication system including a mobile access point (AP)device configured to facilitate communication of data traffic betweenmobile communication devices and servers or devices of an IPcommunication network;

FIG. 2 is a message flow diagram for describing a method ofcommunicating data traffic in a communication system when data servicefor a mobile AP device is available;

FIG. 3 is a message flow diagram for describing a method of controllingand communicating data traffic in a communication system when dataservice for a mobile AP device is suspended;

FIG. 4 is a flowchart for describing a method of controlling datatraffic by a control center or server of a communication system, whichmay be used for reducing data traffic when data service for a mobile APdevice is suspended;

FIG. 5 is a flowchart for describing a method of controlling datatraffic by a mobile AP device of a communication system, which may beused for reducing data traffic when data service for a mobile AP deviceis suspended;

FIG. 6 is a flowchart for describing a method of controlling datatraffic by a mobile AP device of a communication system, which may beused for reducing data traffic when data service for the mobile APdevice is suspended;

FIG. 7 is a message flow diagram for describing a method of controllingand communicating data traffic in a communication system, which may beused for reducing data traffic when data service for a mobile AP deviceis suspended;

FIG. 8 is a message flow diagram for describing a method of controllingand communicating data traffic in a communication system, which may beused for reducing data traffic when data service for a mobile AP deviceis suspended;

FIG. 9 is a message flow diagram for describing a method of controllingand communicating data traffic in a communication system, which may beused for restoring data service for the mobile AP device;

FIG. 10 is a schematic block diagram of a mobile communication deviceconfigured to operate as a mobile access point (AP) (“mobile APdevice”), which may be part of a connected car module or other Internetof Things (IoT) equipment; and

FIG. 11 is a block diagram illustrating pertinent components of acontrol center or server.

In accordance with common practice the various features illustrated inthe drawings may not be drawn to scale. Accordingly, the dimensions ofthe various features may be arbitrarily expanded or reduced for clarity.In addition, some of the drawings may not depict all of the componentsof a given system, method or device. Finally, like reference numeralsmay be used to denote like features throughout the specification andfigures.

DESCRIPTION OF EXAMPLE EMBODIMENTS

Numerous details are described in order to provide a thoroughunderstanding of the example implementations shown in the drawings.However, the drawings merely show some example aspects of the presentdisclosure and are therefore not to be considered limiting. Those ofordinary skill in the art will appreciate that other effective aspectsand/or variants do not include all of the specific details describedherein. Moreover, well-known systems, methods, components, devices andcircuits have not been described in exhaustive detail so as not toobscure more pertinent aspects of the example implementations describedherein.

Overview

A mobile device may operate for communications in a cellular network, awireless local area network (WLAN), or other suitable network. A mobiledevice may even be equipped with dual communication capabilities (e.g.both cellular and Wi-Fi), and configured to operate as a mobile accesspoint (AP) to provide a mobile “hotspot” for communication devices. Forexample, a “connected car” environment provides a mobile AP function toprovide a mobile hotspot in a vehicle, so that communication devices mayaccess voice and/or data communication services and the Internet.

There is an ongoing need for advancing and improving devices, networks,and communications in the above-described environments, as well asadvancing and improving devices, networks, and communications associatedwith other similar or even unrelated environments.

As described herein, a mobile communication device may be configured tooperate as a mobile access point (AP) and be referred to as a “mobile APdevice” or the like. In one illustrative example, the mobile AP devicereceives from a mobile device one or more requests to a server or devicein an IP network. When data service is available, the mobile AP deviceallows the one or more requests to be sent to a mobile network forcommunication to the server or device in the IP network. When the dataservice is suspended, the mobile AP device disallows the one or morerequests from being sent to the mobile network to prohibit thecommunication to the server or device in the IP network. The dataservice may be part of a cellular communication service provided by aservice provider, where the cellular service is made available orsuspended by the service provider.

The specific handling of a request may vary depending on one or moreparameters of the request, such as the type of request. For a requestfor content (e.g. an HTTP GET request), for example, the mobile APdevice may additionally generate and send to the mobile device aresponse indicating a redirect to a local landing page of the mobile APdevice.

Prior to such processing, the mobile AP device may receive via themobile network one or more messages which instruct a change in datatraffic handling. In particular, the one or more messages may instructthe mobile AP device to process the one or more requests in accordancewith one or more rules for a suspended data service mode of operation.The one or more rules include a rule for disallowing the one or morerequests from being sent to the mobile network during the suspended dataservice mode.

In some implementations, the one or more messages may enable or activateone or more rules previously stored in memory of the mobile AP device.In addition, or alternatively, the one or more rules for processing theone or more requests may be received by the mobile AP device in the oneor more messages and stored in memory of the mobile AP device.

Also as disclosed herein, a control center or server may receive amessage indicating a need to change data traffic handling for a mobileAP device based on one or more suspension conditions being identified.In response, the control center or server may send to the mobile APdevice one or more messages which instruct a change in data traffichandling for the mobile AP device. In particular, the one or moremessages may instruct the mobile AP device to process the one or morerequests in accordance with one or more rules for a suspended dataservice mode of operation. The one or more rules include a rule fordisallowing the one or more requests from being sent to the mobilenetwork in the suspended data service mode.

In some implementations, the one or more messages may enable or activateone or more rules previously stored in memory of the mobile AP device.In addition, or alternatively, the one or more rules for processing theone or more requests may be sent in the one or more messages for storagein memory of the mobile AP device.

Example Embodiments

Referring now to FIG. 1, a diagram of a communication system 100illustrating one type of environment within which techniques of thepresent disclosure may be employed is shown. While pertinent featuresare illustrated in FIG. 1 and the other Figures, those of ordinary skillin the art will appreciate from the present disclosure that variousother features have not been illustrated for the sake of brevity and soas not to obscure more pertinent aspects of the example implementationsdisclosed herein.

Communication system 100 of FIG. 1 may generally include a mobilecommunication network (“mobile network”) 104 connected to an IPcommunication network 110 (“IP network”).

Mobile network 104 may be a wireless wide area network (WWAN), such as acellular telecommunications network. Mobile network 104 may include aplurality of base stations 106, such as base stations 160, 162, and 164,connected to a core network 105. A gateway 108 may be used to connectthe core network 105 to IP network 110. Gateway 108 may be a packetgateway (PGW).

A plurality of mobile communication devices 102 shown in FIG. 1 mayinclude mobile devices 122, 124, and 126. In general, mobile devices 102may be cellular telephones, smartphones, laptop computers, tabletcomputers, and PDA's, to name but a few. Some of these mobile devices102, such as mobile devices 122 and 126, may communicate with mobilenetwork 104 directly through base stations 106, such as base stations160 and 164, respectively.

At least one of the mobile devices in FIG. 1 may be a mobile deviceconfigured to operate as a mobile access point (AP), referred to andshown in FIG. 1 as a mobile AP device 150. In some implementations,mobile AP device 150 is a mobile device equipped with dual communicationcapabilities (e.g. both cellular and Wi-Fi), and configured to operateas a mobile AP to provide a mobile “hotspot” for communication devices(e.g. laptop and tablet computers, as well as suitably-equipped cellulartelephones and smartphones).

Accordingly, as shown in FIG. 1, mobile AP device 150 may be configuredto provide wireless communications over a first wireless connection 140with a mobile device (e.g. mobile device 122) according a firstcommunication protocol or standard, and provide wireless communicationsover a second wireless connection 146 with a mobile network (e.g. mobilenetwork 104) according to the second communication protocol or standard.The first communication protocol may be a Wi-Fi or WLAN protocol, whichis described in a group of specifications developed by the Institute ofElectrical and Electronics Engineers (IEEE) referred to collectively asthe IEEE 802.11 standard. The second communication protocol may be anysuitable cellular telecommunications protocol or standard described inone of several various sets of specifications. Thus, first wirelessconnection 140 of mobile AP device 150 may be a WLAN connection, andsecond wireless connection 146 of mobile AP device 150 may be cellularnetwork connection.

IP network 110 may be a packet data network, such as the Internet. Aplurality of servers 170, such as servers 172, 174, and 176 may beconnected to IP network 110. Control center 180 may also be connected toIP network 110. Operation of control center 180 and servers 172, 174,and 176 are described in further detail in relation to FIGS. 3-5 and7-9, and pertinent components of control center 180 and server 176 aredescribed later in relation to FIG. 11.

Gateway 108 is an interface between mobile network 104 and IP network110, and facilitates communications between mobile devices 102 andservers/devices in IP network 110. Gateway 108 may include a rulesdatabase (DB) 112 for accessing a set of rules which enforce trafficpolicy decisions for mobile devices. The set of rules may be referred toas a “rulebase.” The set of rules may describe the required traffichandling for a corresponding subscriber.

A policy server or function 190 may be connected to gateway 108. Policyfunction 192 may be a Policy and Charging Rules Function (PCRF). Thepolicy function 192 or PCRF is configured to make charging enforcementdecisions on behalf of gateway 108. Each time a mobile device connectsto gateway 108 for communications, policy function 192 communicates togateway 108 an indication or name of a selected set of rules in rules DB112 to which gateway 108 applies to the communications of the mobiledevice.

Service monitor 190 may be connected to gateway 108. Service monitor 190may be configured to monitor service and usage (e.g. data traffic usage)of at least some of mobile devices 102, such as mobile devices 122, 126,and 150. Service monitor 190 may be, for example, an Online ChargingSystem (OCS). In general, the OCS is a system configured to provide acharging mechanism for a communication service provider, for example, tocharge subscribers in real-time based on service usage. The OCS may beconnected to gateway 108 via a standard interface “Gy”.

Operation and other aspects of the entities in the communication system100 of FIG. 1 will now be described in relation to FIGS. 2-11.

FIG. 2 is a message flow diagram 200 for describing a method ofcommunicating data traffic in a communication system (e.g. communicationsystem 100 of FIG. 1) when data service is available. When data serviceis available, data traffic may be communicated between a mobile device(e.g. mobile device 122 of FIG. 1) and a network (e.g. IP network 110)via a mobile AP device (e.g. mobile AP device 150 of FIGS. 1 and 10).

Initially, when mobile device 122 is moved within wireless coveragerange of mobile AP device 150, an authentication procedure is performedbetween mobile device 122 and mobile AP device 150 to authenticatemobile device 122. In response to a successful authentication, mobiledevice 122 associates with mobile AP device 150 and establishes anetwork connection with IP network 110.

Sometime during operation, mobile device 122 communicates to mobile APdevice 150 a request (“Req”) to a server or device in IP network 110(step 202 of FIG. 2). The request may originate from an application ofmobile device 122 (e.g. a web browser application). Further, the requestmay be any suitable request (e.g. a Hypertext Transfer Protocol or HTTPrequest) destined to any suitable server or device (e.g. an HTTPserver). Here, the request may be destined to server 172 of IP network110. Mobile AP device 150 receives the request from mobile device 122.

In response to receiving the request, mobile AP device 150 sends tomobile network 104 a corresponding request (step 204 of FIG. 2). Here,mobile AP device 150 may perform one or more address translationfunctions for translating network and/or port addresses of the request.For example, mobile AP device 150 may perform a Network AddressTranslation (NAT) and/or a Port Address Translation (PAT) on the requestbefore communicating the request to the mobile network 104.

The request is communicated to gateway 108 of mobile network 104 (step206 of FIG. 2). Gateway 108 is configured to process the request ofmobile AP device 150 in accordance with a set of rules in the rules DB112 (step 208 of FIG. 2). When data service of mobile AP device 150 isavailable (e.g. the data service is not suspended), gateway 108 allowsthe request to be communicated to IP network 110 to reach server 174(step 210 of FIG. 2).

Server 172 processes the request to generate a response. The response(“Resp”) is sent by server 172 to gateway 108 (step 212 of FIG. 2) forfurther communication through mobile network 104 (step 214 of FIG. 2).Mobile network 104 communicates the response to mobile AP device 150(step 216 of FIG. 2), which properly directs and communicates theresponse to mobile device 122 (step 218 of FIG. 2). Mobile AP device 150may perform the one or more address translation functions fortranslating network and/or port addresses of the response for propercommunication to mobile device 122.

Mobile device 122 receives and process the response. For example, if therequest in step 202 is an HTTP GET request for a web page of server 172from a web browser application, mobile device 122 receives and processesan HTTP response from server 172. The HTTP response may include web pagedata for visual display in the web browser application of the mobiledevice 122.

FIG. 3 is a message flow diagram 300 for describing a method ofcontrolling and communicating data traffic in a communication system(e.g. communication system 100 of FIG. 1) when data service issuspended. When data service is suspended, control measures are taken toredirect data traffic from a mobile device (e.g. mobile device 122 ofFIG. 1) which is sent through a mobile AP device (e.g. mobile AP device150 of FIGS. 1 and 10). Note that, in the description of FIG. 3, mobileAP device 150, control center 180, and server 176 are not configured toperform techniques of the present disclosure for reducing data trafficwhile data service is suspended.

FIG. 3 is shown separated into FIGS. 3(a) and 3(b), where FIG. 3(a)illustrates the network measures taken to control data traffic based onidentifying one or more conditions to suspend data service for mobile APdevice 150 (“Suspension Condition Identified”), and FIG. 3(b)illustrates the communication of data traffic while the data service formobile AP device 150 is suspended (“Data Service Suspended”).

Referring specifically to FIG. 3(a), service monitor 190 (e.g. the OCS)is configured to monitor the service and usage (e.g. data traffic usage)of mobile devices, including mobile AP device 150. The service monitor190 may identify a condition for suspending data service for mobile APdevice 150 (step 302 of FIG. 3(a)). A condition for suspending dataservice may be or include any suitable condition, for example, acondition that data usage for mobile AP device 150 has exceeded athreshold, or a condition that allotted data units for mobile AP device150 have been consumed (e.g. reached zero).

In response to identifying the condition, service monitor 190 may send amessage to control center 180 (step 304 of FIG. 3). The message may be arequest that subscriber data flow be redirected for mobile AP device150. Such a message may be communicated by making an ApplicationProgramming Interface (API) call to the control center 180 to redirectsubscriber data flow. Control center 180 receives this message.

In response to receiving the message, control center 180 may send amessage to policy function 192 (e.g. the PCRF) to change or update thestatus or set of rules for mobile AP device 150 (step 306 of FIG. 3(a)).In response, policy function 192 may send or communicate to gateway 108an indication or name of the updated set of rules in rules DB 112 to beapplied (i.e. change in the “rulebase” name) (step 308 of FIG. 3(a)).The set of rules associated with mobile AP device 150 may be updated toredirect subscriber data flow for mobile AP device 150. Gateway 108 isconfigured to use the updated set of rules from the rules DB 112 toprocess future requests from mobile AP device 150 during the suspensionof data service.

Step 308 above is performed when there is an active packet data sessionbetween mobile AP device 150 and gateway 108. In the 3GPP Gx interfacestandard, the message sent from policy function 102 (i.e. the PCRF) togateway 108 (i.e. the PGW) is referred to as a Re-Auth-Request (RAR). Onthe other hand, when there is no active packet data session betweenmobile AP device 150 and gateway 108, policy function 192 stores theindication or name in its own database and sends it to gateway 108 whenthe data packet session is started. Here, in the 3GPP Gx interfacestandard, gateway 108 receives the rulebase name in aCredit-Control-Answer (CCA) in response to sending policy function 192 aCredit-Control-Request (CCR) query.

Reference is now made to FIG. 3(b), illustrating the communication ofdata traffic for mobile AP device 150 while the data service issuspended. Sometime during operation while data service is suspended formobile AP device 150, mobile device 122 communicates to mobile AP device150 a request (“Req”) to a server or device in IP network 110 (step 310of FIG. 3(b)). The request may originate from an application of mobiledevice 122 (e.g. a web browser application). The request may be anysuitable request (e.g. an HTTP request) destined to any suitable serveror device (e.g. an HTTP server). Here, the request may be destined toserver 172 of IP network 110. Mobile AP device 150 receives the requestfrom mobile device 122.

In response to receiving the request, mobile AP device 150 sends tomobile network 104 a corresponding request (step 312 of FIG. 3(b)).Here, the mobile AP device 150 may perform the address translationfunction for translating network and/or port addresses of the request.For example, the mobile AP device 150 may perform NAT and/or PAT beforecommunicating the request to the mobile network 104. The request iscommunicated to gateway 108 of the mobile network (step 314 of FIG.3(b)).

In general, when the data service of mobile AP device 150 is suspended,the updated rules used by gateway 108 do not allow the requests to beserved or to be served as expected. The specific handling of a requestmay vary depending on the type of request. Some requests, for example,such as HTTP Secure (HTTPS) requests from a web browser application, maybe handled in the manner depicted in Case (i) of FIG. 3(b). In Case (i),gateway 108 may simply “drop” or perform no action in relation to therequest, refraining from performing any meaningful processing of therequest (process 318 of FIG. 3(b)).

Other requests, such as requests for content, or HTTP GET requests froma web browser application, may be handled in the manner depicted in Case(ii) of FIG. 3(b). In this Case (ii), gateway 108 may generate aresponse indicating a redirect (step 320 of FIG. 3(b)) and send theresponse to the mobile device 122 via mobile network 104 and mobile APdevice 150 (step 322 of FIG. 3(b)). The response may be an HTTP responsewhich includes a specific indication to redirect (e.g. “statuscode=302”) to a location indicated by a Uniform Resource Locator (URL)in a location header field. The location indicated by the URL is alanding page of server 174, which is used as a redirect server.

Note that server 174 may be owned, operated, and/or controlled by amanufacturer (i.e. the Original Equipment Manufacturer or OEM) ofequipment within which mobile AP device 150 is integrated.Alternatively, server 174 may be owned, operated, and/or controlled by amobile operator of mobile network 104 or a third party. For example,server 174 may be owned, operated, and controlled by the OEM of avehicle or a “connected car” within which mobile AP device 150 may beintegrated (see e.g. connected car 1020 of FIG. 10).

Mobile device 122 may automatically reply to the response of step 322,sending an otherwise similar or identical request as the original, butto the URL specified in the location header field (e.g. the specifiedURL for the landing page of server 174) (step 324 in FIG. 3(b)). Inresponse, server 174 may generate and send to mobile device 122 aresponse which includes web page data of the landing page (step 326 ofFIG. 3(b)). The landing page may be visually displayed in the webbrowser application of the mobile device 122. The landing page mayindicate that the data service is suspended, and/or specify a way inwhich to restore the data service for mobile AP device 150.

For even other requests, such as Domain Name Server (DNS) requests,gateway 108 may allow communication to IP network 110 for appropriateprocessing, where mobile device 122 receives and processes the expectedresponse. As is apparent, at least some of the basic underlyingfunctionality for network communication (e.g. the translation of domainnames into numeric IP addresses for locating and identifying servicesand devices) may still be maintained despite the data service beingsuspended.

FIG. 4 is a flowchart 400 for describing a method for use in controllingdata traffic in a communication system (e.g. communication system 100 ofFIG. 1). The method may be performed by a network entity, such as acontrol center (e.g. control center 180 of FIG. 1) or a server (e.g.server 176 of FIG. 1). Further, the method may involve communicationwith a mobile communication device configured to operate as a mobile AP(“mobile AP device”) (e.g. mobile AP device 150 of FIGS. 1 and 10). Useof this method may result in a reduction of data traffic in suspendeddata service mode, as compared to the amount of data traffic that wouldbe communicated with sole use of the technique described in relation toFIG. 3.

A mobile AP device may process data traffic associated with a mobiledevice in accordance with a selected one of a plurality of processingmodes of operation. The plurality of processing modes may include atleast a first processing mode of operation and a second processing modeof operation. The first processing mode may be referred to as an“available data service mode” of operation, and the second processingmode may be referred to as a “suspended data service mode” of operation.The mobile AP device is configured to connect the mobile device to an IPnetwork via a mobile network and, when operating in the available dataservice mode, allow one or more requests from the mobile device to besent to the mobile network for communication to a server or device inthe IP network.

Initially, the mobile AP device operates in the available data servicemode of operation. Beginning at a start block 402 of FIG. 4, a messageindicating a need to change data traffic handling for the mobile APdevice is received (step 404 of FIG. 4). In some implementations, themessage may provide an instruction to redirect subscriber data flow forthe mobile AP device. The need to change data traffic handling for themobile AP device may be determined based on identifying one or moreconditions for suspending data service for the mobile AP device. Thus,the message may be a message indicating that data service is or shouldbe suspended for the mobile AP device.

A condition for suspending data service may be or include any suitablecondition, for example, a condition that data usage for the mobile APdevice has exceeded a threshold, or a condition that allotted data unitsfor the mobile AP device have been consumed (e.g. reached zero). Otherconditions for suspending data service may include identifying anunauthorized or inappropriate use of the mobile AP device, includingidentifying suspected malicious use of the mobile AP device (e.g. asuspected cyberattack or Distributed Denial of Service or DDoS attack).

In response to receiving the message in step 404, one or more messageswhich instruct the mobile AP device to change data traffic handling aresent to the mobile AP device via the mobile network (step 406 of FIG.4). The one or more messages cause the mobile AP device to operate inthe suspended data service mode of operation. More particularly, the oneor more messages may instruct the mobile AP device to process one ormore requests from a mobile device in accordance with one or more rulesstored in memory of the mobile AP device in order to change its datatraffic handling. The one or more rules include at least one rule fordisallowing the one or more requests from being sent to the mobilenetwork, to prohibit the communication of the one or more requests tothe server or device in the IP network. The flowchart 400 ends at an endblock 408 of FIG. 4.

In some implementations of the method of FIG. 4, the message sent instep 406 may enable or activate one or more rules previously stored inmemory of the mobile AP device. In addition, or alternatively, the oneor more rules may be sent to the mobile AP device over the mobilenetwork in the one or more messages of step 406, or alternatively in oneor more previous or subsequent messages.

FIG. 5 is a flowchart for describing a method of controlling datatraffic in a communication system (e.g. communication system 100 of FIG.1). The method may be performed by a mobile communication deviceconfigured to operate as a mobile AP (“mobile AP device”) (e.g. mobileAP device 150 of FIGS. 1 and 10). Further, the method may involvecommunication with a network entity, such as a control center or server(e.g. control center 180 or server 176 of FIGS. 1 and 11). Use of thismethod may result in a reduction of data traffic during operation in asuspended data service mode as compared to the amount of data trafficthat would be communicated with sole use of the technique described inrelation to FIG. 3.

As described earlier above, the mobile AP device may process datatraffic associated with a mobile device in accordance with a selectedone of a plurality of processing modes of operation. The plurality ofprocessing modes may include at least a first processing mode ofoperation and a second processing mode of operation. The firstprocessing mode may be referred to as an “available data service mode”of operation, and the second processing mode may be referred to as a“suspended data service mode” of operation. The mobile AP device isconfigured to connect the mobile device to an IP network via a mobilenetwork and, when operating in the available data service mode, allowone or more requests from the mobile device to be sent to the mobilenetwork for communication to a server or device in the IP network.

Initially, the mobile AP device operates in the available data servicemode of operation. Beginning at a start block 502 of FIG. 5, one or moremessages which instruct a change in data traffic handling for the mobileAP device are received (step 504 of FIG. 5). The one or more messageswill cause the mobile AP device to operate in the suspended data servicemode of operation.

More particularly, the one or more messages may instruct the mobile APdevice to process one or more requests from a mobile device inaccordance with the one or more rules stored in memory of the mobile APdevice. After receiving the one or more messages, mobile AP device 150operates to process one or more requests from the mobile device inaccordance with the one or more rules, for operation in the suspendeddata service mode (step 506 of FIG. 5). The one or more rules include atleast one rule for disallowing the one or more requests from being sentto the mobile network, to prohibit the communication of the one or morerequests to the server or device in the IP network. The flowchart 500ends at an end block 508 of FIG. 5.

In some implementations of the method of FIG. 5, the one or moremessages received in step 504 may enable or activate one or more rulespreviously stored in memory of the mobile AP device. Alternatively, theone or more messages received in step 504 include the one or more rulesfor storage in memory of the mobile AP device for processing the one ormore requests.

Further, in some implementations of the method of FIG. 5, the message instep 504 may be sent from the network based on the identification of oneor more conditions for suspending data service for the mobile AP device.A condition for suspending data service may be or include any suitablecondition, for example, a condition that data usage for the mobile APdevice has exceeded a threshold, or a condition that allotted data unitsfor the mobile AP device have been consumed (e.g. reached zero). Otherconditions for suspending data service may include identifying anunauthorized or inappropriate use of the mobile AP device, includingidentifying suspected malicious use of the mobile AP device (e.g. asuspected cyberattack or DDoS attack).

FIG. 6 is a flowchart 600 for describing a method of controlling datatraffic by a mobile AP device (e.g. mobile AP device of FIGS. 1 and 10)in a communication system (e.g. communication system 100 of FIG. 1). Themethod may involve communication with a mobile communication device(e.g. mobile device 122 of FIG. 1). Use of this method may result in areduction of data traffic during a suspended data service mode ascompared to the amount of data traffic that would be communicated withsole use of the technique described in relation to FIG. 3.

In general, the mobile AP device is configured to connect a mobiledevice to an IP network via a mobile network. The mobile AP device mayprocess data traffic associated with the mobile device in accordancewith a selected one of a plurality of processing modes of operation. Theplurality of processing modes may include at least a first processingmode of operation and a second processing mode of operation. The firstprocessing mode may be referred to as an “available data service mode”of operation, and the second processing mode may be referred to as a“suspended data service mode” of operation.

Beginning at a start block 602 of FIG. 6, one or more requests from amobile device to a server or device in an IP network are received (step604 of FIG. 6). When the selected processing mode is the firstprocessing mode of operation (e.g. the data service available mode)(step 606 of FIG. 6), the one or more requests are allowed to be sent tothe mobile network, for communication to the server or device in the IPnetwork (step 608 of FIG. 6). Here, one or more (expected) responsesfrom the server or device in the IP network may be received via themobile network, and these responses are sent to the mobile device (step610 of FIG. 6).

When the selected processing mode is the second processing mode ofoperation (e.g. the suspended data service mode) (step 606 of FIG. 6),the one or more requests are processed in accordance with one or morerules (step 614 of FIG. 6). With use of the one or more rules, the oneor more requests are disallowed from being sent to the mobile network,to prohibit the communication to the server or device in the IP network(step 616 of FIG. 6).

While many or some of the requests may be disallowed in the suspendeddata service mode of operation, other requests may invoke alternativeprocessing or even be allowed. More particularly, the specific actiontaken for a request may vary and depend on one or more values of one ormore parameters associated with the request. Examples of requestparameters include the type of request (e.g. a HTTP GET request), theorigin of the request, the type of application that originated therequest (e.g. a web browser application or other), the destination ofthe request (e.g. a server or device IP address, and/or TCP or UDP portnumber), the state or mode of the mobile AP device, and other suitableparameters.

A rule may indicate one or more predetermined values of one or morerequest parameters to detect or identify in a request (e.g. by thecomparison of values), as well as an associated action (if any) to betaken in response to the identification. In some implementations, therules may be or include a list of one or more predetermined values ofone or more request parameters associated with allowable requests (e.g.a whitelist of allowable requests). In addition, or alternatively, therules may be or include a list of one or more predetermined values ofone or more request parameters associated with disallowable requests(e.g. a blacklist of disallowable requests). Note that a blacklist ofdisallowable requests may be implicit, for example, as those requeststhat are not indicated in an explicit whitelist of allowable requests.Conversely, a whitelist of allowable requests may be implicit, forexample, as those requests that are not indicated in an explicitblacklist of disallowable requests.

A few examples are provided for illustration in the “Cases” indicatedafter step 616 of FIG. 6. Some requests, such as HTTP Secure (HTTPS)requests (e.g. requests which may be destined to TCP port 443), whichmay originate from a web browser application of the mobile device, maybe handled in the manner depicted in Case (i) of FIG. 6. In Case (i),the one or more rules may specify to simply “drop” or perform nomeaningful action to serve the request (step 618 of FIG. 6). Anyresponse provided to mobile device 122 in relation to step 618 is notthe expected response to the request, but rather an unexpected response.

Other requests, such as requests for content, or HTTP GET requests froma web browser application of the mobile device, may be handled in themanner depicted in Case (ii) of FIG. 6. In this Case (ii), a responseindicating a redirect to a landing page is generated and sent by themobile AP device to the mobile device (step 620 of FIG. 6). Here, thelanding page may be a local landing page hosted by the mobile AP device.In other implementations, the landing page is hosted in the network(e.g. a network server). The response may be an HTTP response whichincludes a specific indication to redirect (e.g. “status code=302”) to aURL specified in a location header field which indicates the location toredirect.

The mobile device may automatically reply to this response, sending anotherwise similar or identical request as the original but directed tothe URL specified in the location header field. The request to the URLmay be serviced by the mobile AP device, or alternatively the networkserver. A response which includes web page data of the landing page maybe generated and sent to the mobile device in response to this request.The landing page may be visually displayed in the web browserapplication of the mobile device. The landing page may indicate that thedata service is suspended, and/or specify a manner by which to restorethe data service (e.g. a telephone number to call for restoring service,a link to a web page for restoring service, or both).

Even other requests, such as Domain Name Server (DNS) requests (e.g.requests which may be destined to UDP port 43), may be allowed to becommunicated to the mobile network for appropriate handling. Here, themobile device may receive the expected response to the request. As isapparent, at least some basic underlying services for networkcommunication (e.g. DNS translation of domain names into numeric IPaddresses for locating and identifying services and devices) may stillbe provided despite data service being suspended.

FIG. 7 is a message flow diagram 700 for describing a method ofcontrolling and communicating data traffic in a communication system(e.g. communication system 100 of FIG. 1) when data service issuspended.

In the description of FIG. 7, mobile AP device 150, control center 180,and server 176 are configured to perform techniques of the presentdisclosure for reducing data traffic while data service is suspended.Accordingly, use of this method may result in a reduction of datatraffic during a suspended data service mode of operation as compared tothe amount of data traffic that would be communicated with sole use ofthe technique described in relation to FIG. 3.

FIG. 7 is divided into FIGS. 7(a) and 7(b), where FIG. 7(a) illustratesnetwork measures that may be taken to control data traffic based onidentifying one or more conditions to suspend data service for mobile APdevice 150 (“Suspension Condition Identified”), and FIG. 7(b)illustrates some examples of the communication of data traffic during asuspended data service mode of operation of mobile AP device 150.

Referring specifically to FIG. 7(a), service monitor 190 (e.g. the OCS)is configured to monitor the service and usage (e.g. data traffic usage)of mobile devices, including mobile AP device 150. Service monitor 190may identify a condition for suspending data service for mobile APdevice 150 (step 702 of FIG. 7(a)).

A condition for suspending data service may be or include any suitablecondition, for example, a condition that data usage for mobile AP device150 has exceeded a threshold, or a condition that a data usage allowancefor mobile AP device 150 has been consumed (e.g. reached zero). Otherconditions for suspending data service may include identifying anunauthorized or inappropriate use of the mobile AP device, includingidentifying suspected malicious use of mobile AP device (e.g. asuspected cyberattack or DDoS attack by or through mobile AP device150).

In response to identifying the condition, service monitor 190 may send amessage to control center 180 (step 704 of FIG. 7(a)). Control center180 receives this message. The message may indicate or instruct a changein data traffic handling for mobile AP device 150. In addition, oralternatively, the message may indicate or instruct a suspension in dataservice for mobile AP device 150. Also in addition, or alternatively,the message may redirect subscriber data flow for mobile AP device 150.Such a message may be communicated by making an API call to the controlcenter 180 to control or redirect subscriber data flow.

In response to receiving the message, control center 180 may send amessage to policy function 192 (e.g. the PCRF) to change or update thestatus or set of rules for mobile AP device 150 (step 706 of FIG. 7(a)).In response, policy function 192 may send or communicate to gateway 108an indication or name of the updated set of rules in rules DB 112 to beapplied (i.e. change in the “rulebase” name) (step 708 of FIG. 7(a)).The set of rules associated with mobile AP device 150 may be updated toredirect subscriber data flow for mobile AP device 150. Gateway 108 isconfigured to use the updated set of rules from the rules DB 112 toprocess future requests from mobile AP device 150 during the suspensionof data service.

Step 708 above is performed when there is an active packet data sessionbetween mobile AP device 150 and gateway 108. In the 3GPP Gx interfacestandard, the message sent from policy function 102 (i.e. the PCRF) togateway 108 (i.e. the PGW) is referred to as a Re-Auth-Request (RAR). Onthe other hand, when there is no active packet data session betweenmobile AP device 150 and gateway 108, policy function 192 stores theindication or name in its own database and sends it to gateway 108 whenthe data packet session is started. Here, in the 3GPP Gx interfacestandard, gateway 108 receives the rulebase name in aCredit-Control-Answer (CCA) in response to sending policy function 192 aCredit-Control-Request (CCR) query.

Further in response to receiving the message in step 704, control center180 may send to server 176 a message to further control the data trafficassociated with mobile AP device 150 (step 710 of FIG. 7(a)). Server176, which may be referred to as a traffic control server or mobile APdevice manager, may receive this message. The message may indicate aneed to change data traffic handling for mobile AP device 150. Inaddition, or alternatively, the message may indicate or instruct asuspension in data service for mobile AP device 150. Also in addition,or alternatively, the message may be a message to redirect data flow formobile AP device 150. Such a message may be communicated by making anAPI call (e.g. a push API) to server 176 to control or redirectsubscriber data flow.

In some implementations, server 176 may be owned, operated, and/orcontrolled by a manufacturer (i.e. the Original Equipment Manufactureror OEM) of equipment within which mobile AP device 150 is incorporated.In one example, server 174 may be owned, operated, and controlled by theOEM of a vehicle or a “connected car” within which mobile AP device 150is integrated (see e.g. connected car 1020 of FIG. 10). Thus, the OEMhas an existing communication mechanism to establish and maintain asecure wireless channel with the device for purposes of diagnostics,firmware updates, etc. The existing communication mechanism may beutilized for the message communication described in relation to FIG.7(a). In some implementations, server 176 may be connected in a privatenetwork of the OEM. Alternatively, server 176 may be owned, operated,and/or controlled a mobile operator of mobile network 104 or a thirdparty.

In response to receiving the message in step 710, server 176 may sendone or more messages to mobile AP device 150. The one or more messagesfrom server 176 are sent through gateway 108 (step 712 of FIG. 7(a)) tomobile network 104 (step 714 of FIG. 7(a)) for transmission to mobile AP150 (step 716 of FIG. 7(a)). The one or more messages may instruct themobile AP device 150 to change data traffic handling. In addition, oralternatively, the message may indicate or instruct a suspension in dataservice for mobile AP device 150. Also in addition, or alternatively,the message may be a message to redirect data flow.

More particularly, the one or more messages may instruct mobile APdevice 150 to process one or more requests from mobile device 122 inaccordance with one or more rules during a suspended data service mode.The one or more rules may include rules for disallowing the one or morerequests from being sent to mobile network 104, to prohibit thecommunication of the one or more requests to the appropriate server ordevice in IP network 110.

Note that the set of rules may be part of or associated with what isreferred to as a Traffic Handling Template (THT). A THT is a descriptionof the rules that must be applied to process data traffic while in thesuspended data service mode.

In some implementations, the one or more messages sent in step 712 mayenable or activate one or more rules previously stored in memory ofmobile AP device 150. In addition, or alternatively, the one or morerules may be sent to mobile AP device 150 over the mobile network in oneor more messages of step 712, or alternatively in one or more previousor subsequent messages.

Reference is now made to FIG. 7(b), illustrating the handling andcommunication of data traffic by mobile AP device 150 during thesuspended data service mode of operation, after the network measures inFIG. 7(a) to control data traffic are taken.

Sometime during operation, mobile device 122 communicates to mobile APdevice 150 a request (“Req”) to a server or device in IP network 110(step 718 of FIG. 3(b)). The request may originate from an applicationof mobile device 122 (e.g. a web browser application). The request maybe any suitable request (e.g. an HTTP request) destined to any suitableserver or device (e.g. an HTTP server). Here, the request may bedestined to server 172 of IP network 110. Mobile AP device 150 receivesthe request from mobile device 122.

Again, mobile AP device 150 is operating in the suspended data servicemode. Thus, in response to receiving the request in step 718, mobile APdevice 150 processes the one or more requests in accordance with one ormore rules stored in its memory. These rules may have been enabled oractivated in response to receiving the one or more messages from server176 in steps 712, 714, and 716 of FIG. 7(a). The one or more rules mayhave been previously stored in the memory of mobile AP device 150, oralternatively may have been received in the one or more messages fromserver 176 in steps 712, 714, and 716 of FIG. 7(a). In any event, withuse of the one or more rules, the one or more requests are disallowedfrom being sent to mobile network 104, to prohibit the communication tothe server or device in the IP network.

While many or some of the requests may be disallowed in the suspendeddata service mode of operation, other requests may invoke alternativeprocessing or even be allowed. More particularly, the specific actiontaken for a request may vary and depend on one or more values of one ormore parameters associated with the request. Examples of requestparameters include the type of request (e.g. a HTTP GET request), theorigin of the request, the type of application that originated therequest (e.g. a web browser application or other), the destination ofthe request (e.g. a server or device IP address, and/or TCP or UDP portnumber), the state or mode of mobile AP device 150, and other suitableparameters.

A rule may indicate one or more predetermined values of one or morerequest parameters to detect or identify in a request (e.g. by thecomparison of values), as well as an associated action (if any) to betaken in response to the identification. In some implementations, therules may be or include a list of one or more predetermined values ofone or more request parameters associated with allowable requests (e.g.a whitelist of allowable requests). In addition, or alternatively, therules may be or include a list of one or more predetermined values ofone or more request parameters associated with disallowable requests(e.g. a blacklist of disallowable requests). Note that a blacklist ofdisallowable requests may be implicit, for example, as those requeststhat are not indicated in an explicit whitelist of allowable requests.Conversely, a whitelist of allowable requests may be implicit, forexample, as those requests that are not indicated in an explicitblacklist of disallowable requests.

A few examples are provided for illustration in the “Cases” indicatedafter step 718 of FIG. 7(b). Some requests, such as HTTP Secure (HTTPS)requests (e.g. requests which may be destined to TCP port 443), whichmay originate from a web browser application of mobile device 122, maybe handled in the manner associated with Case (i) of FIG. 7(b). In Case(i), the one or more rules may specify to simply “drop” or perform nomeaningful action to serve the request (step 720 of FIG. 7(b)). Anyresponse provided to mobile device 122 in relation to the request sentin step 718 is not an expected response to the request, but rather anunexpected response.

Other requests, such as requests for content, or HTTP GET requests froma web browser application of mobile device 122, may be handled in themanner associated with Case (ii) of FIG. 7(b). In this Case (ii), aresponse indicating a redirect to a landing page is generated (step 722of FIG. 7(b)) and sent by mobile AP device 150 to mobile device 122(step 724 of FIG. 6). Here, the landing page may be hosted by mobile APdevice 150. In other implementations, the landing page is hosted in thenetwork (e.g. by a network server). The response may be an HTTP responsewhich includes a specific indication to redirect (e.g. “statuscode=302”) to a URL specified in a location header field which indicatesthe location to redirect.

Mobile device 122 may automatically reply to this response, sending anotherwise similar or identical request as the original but directed tothe URL specified in the location header field (step 726 of FIG. 7(b)).The request to the URL hosted by mobile AP device 150 may be serviced bymobile AP device 150, or alternatively by the network server. Inparticular, a response which includes web page data of the landing pagemay be generated and sent to the mobile device in response to thisrequest (step 728 of FIG. 7(b)). The landing page may be visuallydisplayed in the web browser application of mobile device 122. Thelanding page may indicate that the data service is suspended, and/orspecify a manner by which to restore the data service (e.g. a telephonenumber to call for restoring service, a link or URL to a web page forrestoring service, or both).

Even other requests, such as Domain Name Server (DNS) requests (e.g.requests which may be destined to UDP port 43), may be allowed to becommunicated to mobile network 104 for appropriate handling (notillustrated in FIG. 7). Here, mobile device 122 may receive an expectedresponse to the request. As is apparent, at least some basic underlyingservices for network communication (e.g. DNS translation of domain namesinto numeric IP addresses for locating and identifying services anddevices) may still be provided in the suspended data service mode.

Again, use of the methods described in relation to FIG. 7 (or any othersuitable variation thereof) may result in a reduction of data traffic ina suspended data service mode of operation, as compared to the amount ofdata traffic that would be communicated with sole use of the techniquedescribed in relation to FIG. 3. Compare, for example, the illustratedsteps of FIG. 3(b) with the illustrated steps of FIG. 7(b). As isapparent from FIG. 7(b), it may not be necessary for mobile AP device150 to transmit to mobile network 104 any of the data traffic frommobile device 122. Mobile AP device 150 may be a small, battery-powereddevice, where considerations such as power conservation and heat areimportant. Further, it may not be necessary for mobile network 104,gateway 108, and the servers to receive or process any of the datatraffic from mobile device 122 during the data service suspension. Eventhe redirection of data traffic in accordance with the presentdisclosure may be handled entirely locally (e.g. by mobile AP device150) without burdening mobile network 150, IP network 110, or theservers (see e.g. steps 724, 726, and 728 of FIG. 7(b)). Note that aservice cost may be associated with redirected communications of steps322, 324, and 326 of FIG. 3(b) during the data service suspension.Without appropriate handling of the data traffic during the data servicesuspension, this service cost could undesirably be passed on to thesubscriber or the OEM (e.g. the OEM of the “connected car” 1040 of FIG.10). Finally, note further that any requests intended to be disallowedbut inadvertently allowed by mobile AP device 150 to mobile network 104may still be appropriately redirected in the network, since the rules DB112 is changed to redirect data traffic in step 706 of FIG. 7(a) whendata service is suspended.

FIG. 8 is a message flow diagram 800 for describing a method ofcontrolling and communicating data traffic in a communication system(e.g. communication system 100 of FIG. 1) when data service issuspended. Note that the method of FIG. 8 is a variation to the methodof FIG. 7, where use of server 176 may be omitted.

In the description of FIG. 8, mobile AP device 150 and control center180 are configured to perform techniques of the present disclosure forreducing data traffic while data service is suspended. Accordingly, useof this method may result in a reduction of data traffic in a suspendeddata service mode of operation as compared to the amount of data trafficthat would be communicated with sole use of the technique described inrelation to FIG. 3.

FIG. 8 is divided into FIGS. 8(a) and 8(b), where FIG. 8(a) illustratesnetwork measures that may be taken to control data traffic based onidentifying one or more conditions to suspend data service for mobile APdevice 150 (“Suspension Condition Identified”), and FIG. 8(b)illustrates some examples of the communication of data traffic during asuspended data service mode of operation of mobile AP device 150.

Referring specifically to FIG. 8(a), service monitor 190 (e.g. the OCS)is configured to monitor the service and usage (e.g. data traffic usage)of mobile devices, including mobile AP device 150. The service monitor190 may identify a condition for suspending data service for mobile APdevice 150 (step 802 of FIG. 8(a)).

A condition for suspending data service may be or include any suitablecondition, for example, a condition that data usage for mobile AP device150 has exceeded a threshold, or a condition that a data usage allowancefor mobile AP device 150 has been consumed (e.g. reached zero). Otherconditions for suspending data service may include identifying anunauthorized or inappropriate use of the mobile AP device, includingidentifying suspected malicious use of mobile AP device (e.g. asuspected cyberattack or DDoS attack by or through mobile AP device150).

In response to identifying the condition, service monitor 190 may send amessage to control center 180 (step 804 of FIG. 8(a)). Control center180 receives this message. The message may indicate or instruct a changein data traffic handling for mobile AP device 150. In addition, oralternatively, the message may indicate or instruct a suspension in dataservice for mobile AP device 150. Also in addition, or alternatively,the message may redirect subscriber data flow for mobile AP device 150.Such a message may be communicated by making an API call to the controlcenter 180 to control or redirect subscriber data flow.

In response to receiving the message, control center 180 may send amessage to policy function 192 (e.g. the PCRF) to change or update thestatus or set of rules for mobile AP device 150 (step 806 of FIG. 8(a)).In response, policy function 192 may send or communicate to gateway 108an indication or name of the updated set of rules in rules DB 112 to beapplied (i.e. change in the “rulebase” name) (step 808 of FIG. 8(a)).The set of rules associated with mobile AP device 150 may be updated toredirect subscriber data flow for mobile AP device 150. Gateway 108 isconfigured to use the updated set of rules from the rules DB 112 toprocess future requests from mobile AP device 150 during the suspensionof data service.

Step 808 above is performed when there is an active packet data sessionbetween mobile AP device 150 and gateway 108. In the 3GPP Gx interfacestandard, the message sent from policy function 102 (i.e. the PCRF) togateway 108 (i.e. the PGW) is referred to as a Re-Auth-Request (RAR). Onthe other hand, when there is no active packet data session betweenmobile AP device 150 and gateway 108, policy function 192 stores theindication or name in its own database and sends it to gateway 108 whenthe data packet session is started. Here, in 3GPP Gx interface standard,gateway 108 receives the rulebase name in a Credit-Control-Answer (CCA)in response to sending policy function 192 a Credit-Control-Request(CCR) query.

Further in response to receiving the message in step 804, control center180 may send one or more messages to mobile AP device 150. The one ormore messages from control center 180 are sent through gateway 108 (step810 of FIG. 8(a)) to mobile network 104 (step 812 of FIG. 8(a)) fortransmission to mobile AP 150 (step 814 of FIG. 8(a)). The one or moremessages may instruct the mobile AP device 150 to change data traffichandling. In addition, or alternatively, the message may indicate orinstruct a suspension in data service (e.g. operate in the suspendeddata service mode) for mobile AP device 150. Also in addition, oralternatively, the message may be a message to redirect data flow.

In particular, the one or more messages may instruct mobile AP device150 to process one or more requests from mobile device 122 in accordancewith one or more rules during a suspended data service mode ofoperation. The one or more rules may include rules for disallowing theone or more requests from being sent to mobile network 104, to prohibitthe communication of the one or more requests to the appropriate serveror device in IP network 110.

In some implementations, the one or more messages sent in step 810 mayenable or activate one or more rules previously stored in memory ofmobile AP device 150. In addition, or alternatively, the one or morerules may be sent to mobile AP device 150 via mobile network 104 in theone or more messages of step 810, or alternatively in one or moreprevious or subsequent messages.

In FIG. 8(a), it is noted that the previous use of server 176 describedin relation to FIG. 7 is not needed. In such an implementation, controlcenter 180 may be configured to operate with an Integrated DeviceManagement function.

Referring now to FIG. 8(b), what is shown illustrates the handling andcommunication of data traffic for mobile AP device 150 in the suspendeddata service mode of operation, after the network measures taken in FIG.8(a) to control data traffic based on identifying one or more conditionsto suspend data service. Note that the operation of mobile AP device 150and the communication of data traffic in FIG. 8(b) may be the same as orsimilar to the operation and communication described previously inrelation to FIG. 7(b), where steps 718-728 of FIG. 7(b) correspond tosteps 818-828 of FIG. 8(b), respectively. Therefore, reference is madeto the description corresponding to steps 718-728 of FIG. 7(b) to avoidunnecessary repetition.

FIG. 9 is a message flow diagram 900 for describing a method ofcontrolling and communicating data traffic in a communication system(e.g. communication system 100 of FIG. 1) when data service issuspended, which is for use in restoring data service for mobile APdevice 150. In the description of FIG. 9, mobile AP device 150, controlcenter 180, and server 176 are configured to perform techniques of thepresent disclosure.

FIG. 9 is divided into FIGS. 9(a), 9(b), and 9(c), where FIG. 9(a)illustrates an example of a communication of data traffic during asuspended data service mode of operation of mobile AP device 150 forrestoring data service, FIG. 9(b) illustrates network measures that maybe taken to control data traffic based on identifying one or moreconditions to restore the data service for mobile AP device 150(“Restoration Condition Identified”), and FIG. 9(c) indicates thecommunication of data traffic during an available data service mode ofoperation of mobile AP device 150.

Referring specifically to FIG. 9(a), an example of the communication ofdata traffic during a suspended data service mode of operation of mobileAP device 150 for restoring data service is shown. Previously, inrelation to FIG. 7(b) or 8(b), mobile AP device 150 performed processingto redirect a request from mobile device 122 to a local landing page ofmobile AP device 150. See e.g. steps 718 and Case (ii) steps 722, 724,726 and 728 of FIG. 7(b), and/or steps 818 and Case (ii) steps 822, 824,826, and 828 of FIG. 8(b). The landing page may have been visuallydisplayed in a web browser application of mobile device 122. The landingpage may have indicated that the data service is suspended, and/orspecify a manner by which to restore the data service (e.g. providing atelephone number to call for restoring service, a link or URL to a webpage for restoring service, or both).

Accordingly, mobile device 122 sends to mobile AP device 150 a request(e.g. an HTTP GET request) to the link or URL provided in the locallanding page (step 902 of FIG. 9(a)). The link or URL may be destined toa server (e.g. server 176) for restoring the data service. The requestis received at mobile AP device 150. As mobile AP device 150 isoperating in the suspended data service mode, requests from mobiledevice 122 are processed in accordance with the one or more rules storedin memory (step 904 of FIG. 9(a)). In this case, the one or more rulesinclude a rule for allowing (“whitelisting”) requests to the link or URLfor restoring data service. Thus, in response to receiving the requestin step 902, mobile AP device 150 allows the request to be sent tomobile network 104 (step 906 of FIG. 9(a)). Here, mobile AP device 150may perform one or more address translation functions for translatingnetwork and/or port addresses of the request. For example, mobile APdevice 150 may perform a NAT and/or PAT on the request beforecommunicating the request to the mobile network 104.

The request is communicated to gateway 108 of mobile network 104 (step908 of FIG. 9(a)). Note that gateway 108 is also configured to processthe request of mobile AP device 150 in accordance with a set of rulesfrom the rules DB 112 (step 910 of FIG. 9(a)). Here, the set of rulesmay similarly include a rule for allowing (“whitelisting”) requests tothe link or URL for restoring data service. As is apparent, even whenthe data service of mobile AP device 150 is suspended, gateway 108allows the request to be communicated to IP network 110 to reach server176 (step 912 of FIG. 9(a)).

Server 176 processes the request to generate a response. The response issent by server 176 to gateway 108 for further communication throughmobile network 104. Mobile network 104 communicates the response tomobile AP device 150, which properly directs and communicates theresponse to mobile device 122. Mobile device 122 receives and processthe response. For an HTTP GET request for a web page of server 176 forrestoring data service, mobile device 122 receives and processes an HTTPresponse from server 176. The HTTP response may include web page datafor visual display in the web browser application of the mobile device122. The web page for restoring data service may include information forrestoring the data service, and/or input fields for user entry ofinformation for restoring the data service (e.g. payment information forpayment of the data service or additional data, information forauthentication or verification, answers to questions, etc.).

Referring now to FIG. 9(b), service monitor 190 (e.g. the OCS) isconfigured to monitor the service and usage (e.g. data traffic usage) ofmobile devices, including mobile AP device 150. The service monitor 190may identify a condition for restoring data service for mobile AP device150 (step 914 of FIG. 9(b)). A condition for restoring the data servicemay include identifying that appropriate steps have been taken by theuser of mobile device 122 and/or mobile AP device 150 to restore thedata service (e.g. payment for the data service has been made,additional data has been purchased, information for authentication orverification has been made, etc.). See e.g. the description in relationto steps 902-912 of FIG. 9(a) above.

In response to identifying the condition, service monitor 190 may send amessage to control center 180 (step 916 of FIG. 9(b)). Control center180 receives this message. The message may indicate or instruct a changein data traffic handling for mobile AP device 150. In addition, oralternatively, the message may indicate or instruct a restoration indata service for mobile AP device 150. Such a message may becommunicated by making an API call to the control center 180 to controlor redirect subscriber data flow.

In response to receiving the message in step 916, control center 180 maysend a message to policy function 192 (e.g. the PCRF) to change orupdate the status or set of rules for mobile AP device 150 (step 918 ofFIG. 9(b)). In response, policy function 192 may send or communicate togateway 108 an indication or name of the updated set of rules in rulesDB 112 to be applied (i.e. change in the “rulebase” name) (step 920 ofFIG. 9(b)). In particular, the set of rules associated with mobile APdevice 150 may be updated to remove the redirection of subscriber dataflow for mobile AP device 150 (e.g. “normal” processing). Gateway 108 isconfigured to use the updated set of rules from the rules DB 112 toprocess future requests from mobile AP device 150 for the restored,normal data service.

Step 920 above is performed when there is an active packet data sessionbetween mobile AP device 150 and gateway 108. More particularly, in the3GPP Gx interface standard, the message sent from policy function 102(i.e. the PCRF) to gateway 108 (i.e. the PGW) is referred to as aRe-Auth-Request (RAR). On the other hand, when there is no active packetdata session between mobile AP device 150 and gateway 108, policyfunction 192 stores the indication or name in its own database and sendsit to gateway 108 when the data packet session is started. Moreparticularly, in the 3GPP Gx interface standard, gateway 108 receivesthe rulebase name in a Credit-Control-Answer (CCA) in response tosending policy function 192 a Credit-Control-Request (CCR) query.

Further in response to receiving the message in step 916, control center180 may send a message to server 176 for further control of the datatraffic associated with mobile AP device 150 (step 922 of FIG. 9(b)).Server 176, which may be referred to as the traffic control server, mayreceive this message. The message may indicate a need to change datatraffic handling for mobile AP device 150. In addition, oralternatively, the message may indicate or instruct a restoration of thedata service for mobile AP device 150.

In some implementations, server 176 may be owned, operated, and/orcontrolled by a manufacturer (i.e. the Original Equipment Manufactureror OEM) of equipment within which mobile AP device 150 is integrated. Inone example, server 174 may be owned, operated, and controlled by theOEM of a vehicle or a “connected car” within which mobile AP device 150is integrated (see e.g. connected car 1020 of FIG. 10). Here, server 176may be connected in a private network of the OEM. Alternatively, server176 may be owned, operated, and/or controlled a mobile operator ofmobile network 104 or a third party.

In response to receiving the message in step 922, server 176 sends oneor more messages to mobile AP device 150. The one or more messages fromserver 176 are sent through gateway 108 (step 924 of FIG. 9(b)) tomobile network 104 (step 926 of FIG. 9(b)) for transmission to mobile AP150 (step 928 of FIG. 9(b)). The one or more messages may instruct themobile AP device 150 to change data traffic handling. In addition, oralternatively, the message may indicate or instruct a restoration ofdata service for mobile AP device 150. Also in addition, oralternatively, the message may be a message to remove the redirection ofdata flow.

In particular, the one or more messages may instruct mobile AP device150 to cease processing of the one or more requests from mobile device122 in accordance with one or more rules. The one or more messages sentin step 922 may simply instruct mobile AP device 150 to disable ordeactivate the one or more rules stored in memory. Thus, future datarequests from mobile device 122 will generally be allowed to be sent bymobile AP device 150 to mobile network 104 for communication to IPnetwork 110.

Referring now to FIG. 9(c), while operating in the available dataservice mode of operation, mobile AP device 150 generally allowsrequests from mobile device 122 to be sent to mobile network 104 for thecommunication to IP network 110. The communication of data traffic maygenerally be the same as or similar to that described previously inrelation to FIG. 2. Therefore, reference is made to the description ofFIG. 2 to avoid unnecessary repetition.

FIG. 10 shows a schematic diagram 1000 of an embodiment of the mobile APdevice 150 of FIG. 1. In FIG. 10, mobile AP device 150 is shown incontext within an illustrative system environment, namely, a “connectedcar” environment.

A connected car 1040 may have a connected car module 1030 which includesmobile AP device 150 in order to provide a mobile hotspot in thevehicle. Connected car module 1030 may be a vehicle control module,which has connected car functionality. Using the connected car module1030, communication devices may access voice and/or data communicationservices and the IP network 110 (e.g. the Internet). Connected carmodule 1030 may also provide for telematics processing and communicationwith a telematics processing network 1050 (e.g. of or associated withthe OEM) via mobile network 104.

Viewing the schematic diagram 100 of FIG. 10, mobile AP device 150 isshown to have components which may include one or more processors 1002,a first wireless transceiver 1004, a second wireless transceiver 1006,one or more antennas 1008, a memory 1010, and a battery interface 1020.Battery interface 1020 may be configured to connect to one or morebatteries to provide a regulated voltage (V) and electrical power to thecomponents. The components of mobile AP device 150 may be providedtogether as a single unit and, for example, contained in a mechanicalhousing 1020.

The one or more processors 1002 may be coupled to first and secondwireless transceivers 1002 and 1004 and to memory 1010. Memory may 1010store instructions 1012 for operation, as well as one or moreapplications 1016. The one or more processors 1002 are configured tooperate according to the instructions 1010 to perform basic operations,as well as to perform techniques of the present disclosure.

First and second wireless transceivers 1004 and 1006 are coupled to theone or more antennas 1008 for wireless communications. One or moreprocessors 1002 are configured to operate first wireless transceiver1004 to provide wireless communications in accordance with a firstcommunication protocol or standard, and configured to operate secondwireless transceiver 1006 to provide wireless communications inaccordance with a second communication protocol or standard.

The first communication protocol may be a Wi-Fi or WLAN protocol, whichmay be described in a group of specifications developed by the Instituteof Electrical and Electronics Engineers (IEEE) referred to collectivelyas the IEEE 802.11 standard. The second communication protocol may beany suitable cellular telecommunications protocol or standard describedin one of several various specifications. Thus, in some implementations,mobile AP device 150 is configured to provide a first wirelessconnection to a mobile device and a second wireless connection to amobile network, where the first wireless connection is a WLAN connectionand the second wireless connection is a cellular network connection.

Memory 1010 may also store one or more rules 1014, described earlierabove in relation to FIGS. 3-9. In some implementations, the one or morerules 1014 may be received from control center 190 or server 176 in oneor more messages via mobile network for storage in memory 1010 (see e.g.the description in relation to FIGS. 3-5 and 7-8).

Memory 1010 may also store web page data for a landing page 1018,described earlier above in relation to FIGS. 6-9. The landing page maybe for visually display in a web browser application of a mobile device.The landing page may indicate that data service is suspended, and/orspecify a manner by which to restore data service (e.g. providing atelephone number to call for restoring service, a link or URL to a webpage for restoring service, or both).

FIG. 11 shows a block diagram 1100 of basic pertinent components of acontrol center (e.g. control center 180 of FIG. 1) or a server (e.g.server 176 of FIG. 1). Note that, although different by name, controlcenter 180 may simply be or include a server in some implementations.

Control center 180 or server 176 of FIG. 11 has components which mayinclude one or more processors 1102 which are coupled to memory 1104 andto a network interface/controller 1106. Network interface/controller1106 is configured to connect to a communication network forcommunications in an IP network, such as IP network 110 of FIG. 1. Theone or more processors 1102 of control center 180 or server 176 areconfigured to operate according to instructions 1108 stored in memory1104, in order to perform basic operations as well as to performtechniques of the present disclosure. Memory 1104 may also store one ormore rules 1110, described earlier above in relation to FIGS. 3-9. Theone or more rules 1110 may be sent by control center 180 or server 176in one or more messages to a mobile AP device via a mobile network forstorage in memory of the mobile AP device (see e.g. the description inrelation to FIGS. 3-5 and 7-8).

In some embodiments, a plurality of different sets of rules may beapplied for handling communications for a mobile device. For instance,there may be two, three, or four different sets of rules for differentmodes of operation. For example, a first set of rules may be applied fornormal mode of operation and a second set of rules may be applied fordata service suspended mode of operation, as described above. As anotherexample, a first set of rules may be applied for data service suspendedmode of operation, as described above, and a second set of (morestringent) rules may be applied for a cyberattack protection mode ofoperation (e.g. based on detection of a suspected cyberattack or DDoSattack).

Thus, as described herein, a mobile communication device may beconfigured to operate as a mobile access point (AP) and be referred toas a “mobile AP device” or the like. In one illustrative example, themobile AP device receives from a mobile device one or more requests to aserver or device in an IP network. When data service is available, themobile AP device allows the one or more requests to be sent to a mobilenetwork for communication to the server or device in the IP network.When the data service is suspended, the mobile AP device disallows theone or more requests from being sent to the mobile network to prohibitthe communication to the server or device in the IP network. The dataservice may be part of a cellular communication service provided by aservice provider, where the cellular service is made available orsuspended by the service provider. The specific handling of a requestmay vary depending on one or more parameters of the request, such as thetype of request. For an HTTP GET request, for example, the mobile APdevice may additionally generate and send to the mobile device an HTTPresponse indicating a redirect to a local landing page of the mobile APdevice.

Prior to such processing, the mobile AP device may receive via themobile network one or more messages which instruct a change in datatraffic handling. In particular, the one or more messages may instructthe mobile AP device to process the one or more requests in accordancewith one or more rules for a suspended data service mode of operation.The one or more rules include a rule for disallowing the one or morerequests from being sent to the mobile network during the suspended dataservice mode. In some implementations, the one or more messages mayenable or activate one or more rules previously stored in memory of themobile AP device. In addition, or alternatively, the one or more rulesfor processing the one or more requests may be received by the mobile APdevice in the one or more messages and stored in memory of the mobile APdevice.

Also as described herein, a control center or server may receive amessage indicating a need to change data traffic handling for a mobileAP device based on one or more suspension conditions being identified.In response, the control center or server may send to the mobile APdevice one or more messages which instruct a change in data traffichandling for the mobile AP device. In particular, the one or moremessages may instruct the mobile AP device to process the one or morerequests in accordance with one or more rules for a suspended dataservice mode of operation. The one or more rules include a rule fordisallowing the one or more requests from being sent to the mobilenetwork in the suspended data service mode. In some implementations, theone or more messages may enable or activate one or more rules previouslystored in memory of the mobile AP device. In addition, or alternatively,the one or more rules for processing the one or more requests may besent in the one or more messages for storage in memory of the mobile APdevice.

Note that, throughout the description, use of the terminology “availabledata service mode” may be replaced using the terminology “allowed dataservice mode” or “allowed state,” and use of the terminology “suspendeddata service mode” may be replaced using the terminology “redirecteddata service mode” or “redirected state.”

While various aspects of implementations within the scope of theappended claims are described above, it should be apparent that thevarious features of implementations described above may be embodied in awide variety of forms and that any specific structure and/or functiondescribed above is merely illustrative. Based on the present disclosureone skilled in the art should appreciate that an aspect described hereinmay be implemented independently of any other aspects and that two ormore of these aspects may be combined in various ways. For example, anapparatus may be implemented and/or a method may be practiced using anynumber of the aspects set forth herein. In addition, such an apparatusmay be implemented and/or such a method may be practiced using otherstructure and/or functionality in addition to or other than one or moreof the aspects set forth herein.

It will also be understood that, although the terms “first,” “second,”etc. may be used herein to describe various elements, these elementsshould not be limited by these terms. These terms are only used todistinguish one element from another. For example, a first contact couldbe termed a second contact, and, similarly, a second contact could betermed a first contact, which changing the meaning of the description,so long as all occurrences of the “first contact” are renamedconsistently and all occurrences of the second contact are renamedconsistently. The first contact and the second contact are bothcontacts, but they are not the same contact.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of the claims. Asused in the description of the embodiments and the appended claims, thesingular forms “a”, “an” and “the” are intended to include the pluralforms as well, unless the context clearly indicates otherwise. It willalso be understood that the term “and/or” as used herein refers to andencompasses any and all possible combinations of one or more of theassociated listed items. It will be further understood that the terms“comprises” and/or “comprising,” when used in this specification,specify the presence of stated features, integers, steps, operations,elements, and/or components, but do not preclude the presence oraddition of one or more other features, integers, steps, operations,elements, components, and/or groups thereof.

As used herein, the term “if” may be construed to mean “when” or “upon”or “in response to determining” or “in accordance with a determination”or “in response to detecting,” that a stated condition precedent istrue, depending on the context. Similarly, the phrase “if it isdetermined [that a stated condition precedent is true]” or “if [a statedcondition precedent is true]” or “when [a stated condition precedent istrue]” may be construed to mean “upon determining” or “in response todetermining” or “in accordance with a determination” or “upon detecting”or “in response to detecting” that the stated condition precedent istrue, depending on the context.

What is claimed is:
 1. A method comprising: at a mobile communicationdevice configured to operate as a mobile access point (AP), receivingfrom a mobile device one or more requests to a server or device in an IPnetwork; when cellular data service is made available by a cellularservice provider, allowing the one or more requests to be sent to amobile network for communication to the server or device in the IPnetwork; and when the cellular data service is suspended by the cellularservice provider, disallowing the one or more requests from being sentto the mobile network to prohibit the communication to the server ordevice in the IP network.
 2. The method of claim 1, wherein the one ormore requests comprises an HTTP or HTTPS request.
 3. The method of claim1, wherein the one or more requests comprises a request for content, themethod comprising: at the mobile AP device, when the cellular dataservice is suspended by the cellular service provider, generating andsending to the mobile device a response indicating a redirect to alanding page, the local landing page indicating that the data service issuspended.
 4. The method of claim 1, wherein one or more additionalrequests from the mobile device comprise a Domain Name Service (DNS)request to the IP network, the method comprising: at the mobile APdevice, when the cellular data service is suspended by the cellularservice provider, allowing the DNS request to be sent to the mobilenetwork for communication to the IP network.
 5. The method of claim 1,wherein the one or more requests comprises an HTTP GET request, themethod comprising: at the mobile AP device, when the cellular dataservice is suspended by the cellular service provider, generating andsending to the mobile device an HTTP response indicating a redirect to alocal landing page stored in the mobile AP device, the local landingpage indicating a telephone number or a link for restoring the dataservice.
 6. The method of claim 5, wherein one or more additionalrequests from the mobile device comprise an HTTP request to the link forrestoring the data service, the method comprising: at the mobile APdevice, when the cellular data service is suspended by the cellularservice provider, allowing the HTTP request to the link for restoringthe data service to be sent to the mobile network for communication tothe IP network.
 7. The method of claim 1, comprising: at the mobile APdevice, receiving via the mobile network a message which instructs achange in data traffic handling; and in response to receiving the one ormore messages, processing the one or more requests in accordance withone or more rules while the cellular data service is suspended by thecellular service provider, for disallowing the one or more requests frombeing sent to the mobile network to prohibit the communication to theserver or device in the IP network.
 8. The method of claim 1,comprising: at the mobile AP device, receiving over the mobile networkone or more messages which include one or more rules for processing theone or more requests; and processing the one or more requests inaccordance with the one or more rules while the cellular data service issuspended by the cellular service provider, for disallowing the one ormore requests from being sent to the mobile network to prohibit thecommunication to the server or device in the IP network.
 9. The methodof claim 1, wherein the mobile AP device is configured to provide afirst wireless connection to a mobile device and a second wirelessconnection to a mobile network, the first wireless connection comprisinga wireless local area network (WLAN) connection and the second wirelessconnection comprising a cellular telecommunications network connection.10. The method of claim 1, wherein the mobile AP device comprises partof a connected car module.
 11. The method of claim 1, which is embodiedin a computer program product comprising a non-transitory computerreadable medium and instructions stored on the non-transitory computerreadable medium, the instructions being executable on one or moreprocessors of the mobile AP device for performing the steps of themethod.
 12. A mobile device configured to operate as a mobile accesspoint (AP), the mobile AP device comprising: a first wirelesstransceiver; a second wireless transceiver; one or more processorscoupled to the first and the second wireless transceivers; memorycoupled to the one or more processors; the one or more processorsconfigured to operate according to instructions stored in the memoryfor: receiving from a mobile device via the first wireless transceiverone or more requests to a server or device in an IP network; whencellular data service is made available by a cellular service provider,allowing the one or more requests to be sent to a mobile network via thesecond wireless transceiver for communication to the server or device inthe IP network; and when the cellular data service is suspended by thecellular service provider, disallowing the one or more requests frombeing sent to the mobile network via the second wireless transceiver toprohibit the communication to the server or device in IP network. 13.The mobile AP device of claim 12, wherein the first wireless transceivercomprises a wireless local area network (WLAN) transceiver, the secondwireless transceiver comprises a cellular transceiver, the data servicecomprises a cellular data service of the mobile AP device, and the oneor more requests comprises a request for content.
 14. The mobile APdevice of claim 12, wherein the one or more requests comprises a requestfor content, the one or more processors configured to operate accordingto the instructions for: when the cellular data service is suspended bythe cellular service provider, generating and sending to the mobiledevice a response indicating a redirect to a landing page, the landingpage indicating that the data service is suspended.
 15. The mobile APdevice of claim 12, wherein the one or more requests comprises an HTTPGET request, the one or more processors configured to operate accordingto the instructions for: when the cellular data service is suspended bythe cellular service provider, generating and sending to the mobiledevice an HTTP response indicating a redirect to a local landing pagestored in the mobile AP device, the local landing page indicating atelephone number or a link for restoring the data service; and allowingan HTTP GET request to the link for restoring the data service to besent via the second wireless transceiver to the mobile network forcommunication to the IP network.
 16. The mobile AP device of claim 12,the one or more processors configured to operate according to theinstructions for: receiving from the mobile network via the secondwireless transceiver a message which instructs a change in data traffichandling; and in response to receiving the message, processing the oneor more requests in accordance with one or more rules, for disallowingthe one or more requests from being sent via the second wirelesstransceiver to the mobile network to prohibit the communication to theserver or device in the IP network.
 17. The mobile AP device of claim12, the one or more processors configured to operate according to theinstructions for: receiving from the mobile network via the secondwireless transceiver one or more messages which instruct a change indata traffic handling, the one or more messages comprising one or morerules for processing the one or more requests; and processing the one ormore requests in accordance with the one or more rules, for disallowingthe one or more requests from being sent via the second wirelesstransceiver to the mobile network to prohibit the communication to theserver or the device in the IP network.
 18. A method comprising: at acontrol center or server configured to control data traffic for a mobiledevice which is operable as a mobile access point (AP), where the mobileAP device is configured to connect a mobile device to an IP network viaa mobile network and allow one or more requests from the mobile deviceto be sent to the mobile network for communication to a server or devicein the IP network while cellular data service for the mobile AP deviceis made available by a cellular network provider, receiving a messagewhich instructs a change in data traffic handling for the mobile APdevice; and in response to receiving the message, sending to the mobileAP device a message which instructs the mobile AP device to process theone or more requests in accordance with one or more rules while thecellular data service is suspended by the cellular service provider fordisallowing the one or more requests from being sent to the mobilenetwork.
 19. The method of claim 18, comprising: at the control centeror server, sending to the mobile AP device the one or more rules forprocessing the one or more requests.
 20. The method of claim 18, furthercomprising: wherein sending the one or more messages comprises sendingthe one or more rules for processing the one or more requests in the oneor more messages; wherein receiving the message which instructs thechange in data traffic handling comprises receiving the message from anonline charging system (OCS); wherein one of the one or more rulescomprises a rule to disallow an identified HTTP or HTTPS request frombeing sent to the mobile network; or wherein one of the one or morerules comprises a rule to disallow an identified HTTP GET request frombeing sent to the mobile network to prohibit its communication to theserver or device in IP network, and to generate and send to the mobiledevice an HTTP response comprising a redirect to a local landing pagestored in the mobile AP device.